LIST OF CLAIMS / AMENDMENTS



Claims 38, 43-44, 59-66, and 70 were canceled previously. 

Please amend claims 1-3, 6, 16, 26, 32, 35, 53, 67-68, and 71-73 as shown
herein.

Claims 1-37, 39-42, 45-58, 67-69, and 71-73 are pending and are listed 
following: 

1. (currently amended) A method comprising: 

initiating an online gaming activity from a gaming system console with
multiple users; and

authenticating the multiple users of the gaming console, the gaming system
console, a game title, and an online service together in a single request/reply
exchange with between an authentication entity and the gaming console.

2. (currently amended) A method as recited in claim 1, wherein 
the authenticating comprises: 

submitting a request from the gaming system console to the authentication
entity, the request containing identities of the multiple users, identification of the
gaming system console, identification of the game title, and identification of the
online service; and

returning a reply from the authentication entity to the gaming system
console that can be used to authenticate the multiple users, the gaming system
console, and the game title in the online gaming activity.

MS1-766USM(M 

3. (currently amended) A method as recited in claim 1, wherein 
the authenticating comprises: 

forming, at the gaming system console, a request containing an identity
string that includes a gaming system console identity, a game title identity,
multiple user identities, and an identity of an online service;

submitting the request from the gaming system console to the
authentication entity;

creating, at the authentication entity, a reply containing the identity string
and a session key Kxa to be used in communication between the gaming system
console and the online service, the reply being encrypted with a key associated
with the online service; and

returning the reply from the authentication entity to the gaming system
console.

4. (original) A method as recited in claim 1, wherein the
authenticating comprises exchanging messages specified in the Kerberos protocol,
the response message containing a ticket having an authorization data field which
acknowledges that multiple identities have been authenticated.

5. (original) One or more computer-readable media comprising
computer-executable instructions that, when executed, perform the method as
recited in claim 1.

6. (currently amended) A method comprising: 

submitting a single request from a game console to a ticket issuing entity, 
the request containing a game console identity, multiple user identities identifying 
multiple users of the game console, and an identity of an online service;

returning a ticket from the ticket issuing entity to the game console, the 
ticket containing the game console identity and the multiple user identities 
encrypted with a key associated with the online service; 

passing the ticket from the game console to the online service; and 

decrypting the ticket at the online service, wherein after the decrypting the 
authenticity of the multiple users contained in the ticket is trusted. 

7. (previously presented) A method as recited in claim 6, wherein 
the single request further includes an identity of the game console, and the game 
console identity is included in the issued ticket. 

8. (original) A method as recited in claim 6, further comprising 
sending some cryptographical information to prove knowledge of the user's key 
while submitting the request. 

9. (original) A method as recited in claim 6, wherein the ticket 
further includes at least one of the online service identity, a time that the ticket is
generated, a second time parameter indicative of when the ticket expires, and a 
randomly generated session key to be used in communication between the game 
console and the online service. 

10. (original) A method as recited in claim 6, wherein the returning
further comprises sending an attached message along with the ticket from the 
ticket issuing entity to the game console, the message containing a randomly 
generated session key to be used in communication between the game console and 
the online service. 

11. (original) A method as recited in claim 10, wherein the attached 
session message is encrypted with a key associated with the game console. 

12. (original) A method as recited in claim 10, wherein the passing 
comprises sending a second message with a current time encrypted with the 
session key. 

13. (original) A method as recited in claim 12, wherein the ticket 
further includes a randomly generated session key and the verifying, at the online
service, further comprises: 

decrypting the ticket using the key associated with the online service to 
recover the session key; 

decrypting the second message with the session key to recover the current 
time; and 

authenticating the multiple users and the game console in the event that the 
recovered current time is within an acceptable time window from the current time. 

14. (original) A method as recited in claim 6, further comprising:
sending a reply from the online service to the game console; and 
verifying, at the game console, an authenticity of the reply. 

15. (original) One or more computer-readable media comprising 
computer-executable instructions that, when executed, perform the method as 
recited in claim 6. 

16. (currently amended) A method comprising: 

creating, at a game console, multiple validated user identities (U1, H1),
(U2, H2), ..., (Uu, Hu) identifying multiple users of the game console composed of
user identities U1, U2, ..., Uu and associated values H1, H2, ..., Hu derived from
the user's key;

forming, at the game console, a request containing an identity string that
includes a game console identity X, a game title identity G, the multiple validated
user identities, and an identity A of an online service, as follows:

Request = [X, G, A, (U1, H1), ..., (Uu, Hu)];

submitting the request from the game console to a ticket issuing entity;

creating, at the ticket issuing entity, a ticket containing the identity string
and a session key Kxa encrypted with a key Ka associated with the online service,
as follows:

Ticket = EKa[Kxa, X, G, A, U1, U2, U3, U4];

sending the ticket along with the session key Kxa from the ticket issuing
entity to the game console; 

passing the ticket from the game console to the online service along with 
data encrypted using the session key Kxa; and 

verifying the ticket at the online service by decrypting the ticket using the 
online service key Ka, extracting the session key Kxa from the decrypted ticket, 
and decrypting the data from the game console using the session key Kxa.

17. (original) A method as recited in claim 16, wherein the creating 
comprises computing cryptographic hash digests of user keys associated with the 
multiple users, each user identity being a combination of the user identity and the 
cryptographic hash of an associated user key. 

18. (original) A method as recited in claim 16, wherein the creating 
comprises encrypting a time value using keys associated with the multiple users, 
each user identity being a combination of the user identity and the current time 
encrypted with the user key. 

19. (original) A method as recited in claim 16, wherein the request 
further includes an identity of the game console. 

20. (original) A method as recited in claim 16, wherein the ticket 
further includes at least one of a time that the ticket is generated and a second time 
parameter indicative of when the ticket expires. 

21. (original) A method as recited in claim 16, further comprising
encrypting the session key Kxa with a key associated with the game console 
before said sending of the session key to the game console. 

22. (original) A method as recited in claim 16, wherein the data 
comprises a time value representative of a current time. 

23. (original) A method as recited in claim 16, wherein the data 
comprises a time value representative of a current time, and the verifying 
comprises authenticating the game console and the multiple users in an event that 
the time value received from the game console is within an acceptable time 
window from a current time. 

24. (original) A method as recited in claim 23, further comprising: 
sending a reply from the online service to the game console, the reply
containing the time value encrypted using the session key Kxa; and

verifying, at the game console, an authenticity of the online service in an 
event that the game console successfully decrypts the time value using the session 
key Kxa, and the time value returned matches the time value sent to the online 
service. 

25. (original) One or more computer-readable media comprising 
computer-executable instructions that, when executed, perform the method as 
recited in claim 16. 
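
The exchange recited in claims 16, 18, 21 and 23 above, traced end to end as an added example that is not part of the filing or of any implementation by the applicant. The `seal`/`unseal` stand-in for E_K[...], the function names, the 300-second window and every key and identity value are assumptions for illustration.

```python
import hashlib, hmac, json, os

WINDOW = 300  # assumed "acceptable time window", in seconds

def _ks(key, nonce, n):
    # SHA-256 in counter mode as a keystream (stand-in cipher, illustration only)
    blocks = (hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key, obj):
    """Stand-in for E_K[...]: encrypt-then-MAC with subkeys derived from K."""
    ek, mk = hashlib.sha256(b"enc" + key).digest(), hashlib.sha256(b"mac" + key).digest()
    pt, nonce = json.dumps(obj).encode(), os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(pt, _ks(ek, nonce, len(pt))))
    return nonce + ct + hmac.new(mk, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    ek, mk = hashlib.sha256(b"enc" + key).digest(), hashlib.sha256(b"mac" + key).digest()
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mk, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or modified message")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _ks(ek, nonce, len(ct)))))

def fresh(t, now):
    if abs(now - t) > WINDOW:
        raise ValueError("time value outside acceptable window")

def build_request(X, G, A, user_keys, now):
    # Request = [X, G, A, (U1, H1), ..., (Uu, Hu)]; Hi is the current time
    # encrypted with user i's key (the claim 18 variant)
    users = [(u, seal(k, now).hex()) for u, k in user_keys.items()]
    return {"X": X, "G": G, "A": A, "users": users}

def issue_ticket(req, user_db, console_db, service_db, now):
    # Ticket issuing entity: every Hi must decrypt under the stored user key
    for u, h in req["users"]:
        fresh(unseal(user_db[u], bytes.fromhex(h)), now)
    kxa = os.urandom(32).hex()
    body = {"Kxa": kxa, "X": req["X"], "G": req["G"], "A": req["A"],
            "users": [u for u, _ in req["users"]]}
    # Ticket = EKa[Kxa, X, G, A, U1..Uu]; Kxa returns under the console key (claim 21)
    return seal(service_db[req["A"]], body), seal(console_db[req["X"]], kxa)

def console_present(ticket, sealed_kxa, Kx, now):
    # Console recovers Kxa and attaches the current time encrypted with it
    kxa = bytes.fromhex(unseal(Kx, sealed_kxa))
    return ticket, seal(kxa, now)

def service_verify(ticket, data, Ka, now):
    body = unseal(Ka, ticket)                              # decrypt ticket with Ka
    fresh(unseal(bytes.fromhex(body["Kxa"]), data), now)   # claim 23 time window
    return body["X"], body["G"], body["users"]
```

The console never sees inside the ticket, and the online service never contacts the ticket issuing entity: one decryption with Ka yields the console, title and every user identity at once.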

26. (currently amended) A method for operating a game console,
comprising: 

submitting a request to a ticket issuing entity, the request containing 
multiple user identities identifying multiple users of the game console, a game
title, and an identity of an online service; and 

receiving a single ticket from the ticket issuing entity that can be used to 
authenticate the multiple user identities and the game title to the online service. 

27. (previously presented) A method as recited in claim 26, wherein 
the request further includes an identity of the game console.

28. (original) A method as recited in claim 26, further comprising
cryptographically deriving the user identities from information associated with the
users.

29. (original) A method as recited in claim 26, wherein the ticket 
includes at least one of (1) the multiple user identities, (2) the identity of the online 
service, (3) an identity of the game console, (4) an identity of a game title being 
played in the game console, (5) a time that the ticket is generated, (6) a second 
time parameter indicative of when the ticket expires, and (7) a randomly generated 
session key to be used in communication between the game console and the online 
service. 

30. (original) A method as recited in claim 26, further comprising
sending the ticket to the online service. 

31. (original) One or more computer-readable media comprising 
computer-executable instructions that, when executed, perform the method as 
recited in claim 26. 

32. (currently amended) A method for operating a game console, 
comprising: 

submitting a request to a ticket issuing entity, the request containing 
multiple user identities identifying multiple users of the game console and an 
identity of the game console; and 

receiving a single ticket from the ticket issuing entity that can be used to 
authenticate the multiple user identities and the game console. 

33. (original) A method for operating a game console, comprising: 
creating a request with multiple user identities of multiple users who are
playing on a game console; and

submitting the request to a third party. 

34. (original) A method as recited in claim 33, wherein the request 
includes at least one of an identity of an online service, an identity of the game 
console, an identity of a game title being played in the game console. 

35. (currently amended) A method as recited in claim 33, further
comprising receiving a single ticket from the ticket issuing entity that can be used 
to authenticate the multiple user identities to another entity. 

36. (original) One or more computer-readable media comprising 
computer-executable instructions that, when executed, perform the method as
recited in claim 33. 

37. (previously presented) A method comprising: 

receiving a request from a game console, the request containing multiple 
user identities of multiple users who are playing at the game console, a game 
console identity, a game title identity, and an identity of a third party; 

generating a single ticket to be used to authenticate the multiple user 
identities, the game console identity, and the game title identity to the third party; 
and 

returning the ticket to the game console. 

38. (canceled) 

39. (original) A method as recited in claim 37, wherein the ticket
includes at least one of (1) the multiple user identities, (2) the identity of the third 
party, (3) an identity of the game console, (4) an identity of a game title being 
played in the game console, (5) a time that the ticket is generated, (6) a second 
time parameter indicative of when the ticket expires, and (7) a randomly generated 
session key to be used in communication between the game console and the third 
party. 

40. (original) A method as recited in claim 37, further comprising 
encrypting the ticket with a key associated with the third party prior to said 
returning the ticket. 

41. (original) A method as recited in claim 37, further comprising: 
generating a session key to be used in communication between the game
console and the third party; and

sending the session key to the game console. 

42. (original) One or more computer-readable media comprising 
computer-executable instructions that, when executed, perform the method as 
recited in claim 37. 

43-44. (canceled) 

45. (previously presented) A method for manufacturing a game
console, comprising: 

constructing a game console with associated authentication information; and

storing the authentication information in a database to be used for 
authenticating the game console, a game title executing on the game console, and 
multiple users of the game console after the game console is released from 
manufacturing. 

46. (original) A method as recited in claim 45, wherein the 
authentication information comprises at least one of a hard disk drive ID, a CPU 
ID, a first value derived from the hard disk ID, a second value derived from the 
CPU ID, and a third value derived from a combination of the hard disk drive ID 
and the CPU ID. 

47. (original) A method as recited in claim 45, wherein the 
authentication information comprises one or more serial numbers of hardware 
components in the game console. 

48. (original) A method as recited in claim 45, wherein the 
authentication information comprises a random key generated at manufacturing 
time. 

49. (original) A method as recited in claim 45, further comprising
securely transferring the database to an authentication site for access by an 
authentication server. 

50. (original) A method as recited in claim 45, further comprising 
creating, at the authentication server, account names/passwords for the game 
consoles identified in the database. 

51. (original) One or more computer-readable media comprising 
computer-executable instructions that, when executed, perform the method as 
recited in claim 45. 

52. (previously presented) A method for validating an authenticity 
of a game console and multiple users of the game console, comprising:

receiving, from the game console, authentication information that is 
associated with the game console at a time of manufacturing; and 

evaluating the authentication information to determine whether the game 
console is valid. 

53. (currently amended) A method as recited in claim 52, wherein 
the authentication information comprises at least one of a hard disk drive ID, a 
CPU ID, a first value derived from the hard disk drive ID, a second value derived
from the CPU ID, and a third value derived from a combination of the hard disk
drive ID and the CPU ID. 

54. (original) A method as recited in claim 52, wherein the
evaluating comprises using a database of authentication information for game 
consoles to determine whether the authentication is valid. 

55. (original) A method as recited in claim 52, wherein the 
evaluating comprises ascertaining whether an account for the game console 
associated with the authentication information has already been established. 

56. (original) A method as recited in claim 52, further comprising, in 
an event that the game console is valid, generating an identity and a cryptographic 
key for the game console. 

57. (original) A method as recited in claim 52, further comprising, in 
an event that the game console is valid, creating an account for the game console. 

58. (original) One or more computer-readable media comprising 
computer-executable instructions that, when executed, perform the method as 
recited in claim 52. 

59-66. (canceled) 

67. (currently amended) A single gaming ticket data structure
embodied on a computer readable media, comprising multiple user identities of
users playing at a game console, encrypted using a key associated with a third 
party entity to which the multiple users are to be authenticated. 

68. (currently amended) A single gaming ticket data structure 
embodied on a computer readable media, comprising multiple user identities of
users playing at a game console and an identity of the game console, encrypted 
using a key associated with a third party entity to which the multiple users are to 
be authenticated. 

69. (previously presented) A game console, comprising: 
a memory; and 

a processor coupled to the memory, the processor being configured to 
obtain authentication of multiple users of the game console together in a single 
request/reply exchange with an authentication entity, wherein the single 
request/reply exchange identifies the multiple users, the game console, a game 
title, and an online service. 

70. (canceled) 

71. (currently amended) A game console as recited in claim 70
69, wherein the memory comprises a hard disk drive with an associated hard 
disk ID and the processor has an associated processor ID, and the processor is 
configured to submit at least one of the hard disk ID, the CPU ID, and a value 
derived from the CPU ID to a third party as part of a process to obtain the game 
console identity. 

72. (currently amended) A system, comprising: 
a ticketing issuing entity; 

a game console configured to submit a request to the ticket issuing entity, 
the request containing multiple user identities identifying multiple users of the
game console, a game console identity, a game title identity, and an identity of an
online service; and 

the ticket issuing entity being configured to generate a single ticket that can 
be used by the game console to authenticate the multiple user identities, the game 
console identity, and the game title identity to the online service. 

73. (currently amended) A system, comprising: 
a ticketing issuing entity; 

a game console configured to submit a request to the ticket issuing entity, 
the request containing multiple user identities identifying multiple users of the 
game console, a game console identity, and a game title identity; and

the ticket issuing entity being configured to generate a single ticket that can 
be used by the game console to authenticate the multiple user identities, the game 
console identity, and the game title identity to a third party. 

74. (canceled) 